3 matches found
CVE-2023-22296
Reflected cross-site scripting vulnerability in MAHO-PBX NetDevancer series MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allows a remote unauthenticated...
CVE-2023-22296
CVE-2023-22296 : A reflected cross-site scripting (XSS) vulnerability exists in the MAHO-PBX NetDevancer family. A remote, unauthenticated attacker can inject arbitrary script via the Management screen in affected products prior to version 1.11.00. Affected lines include MAHO-PBX NetDevancer Lite...
JVN#99957889: Multiple vulnerabilities in MAHO-PBX NetDevancer series
There are multiple vulnerabilities in the Management screen of MAHO-PBX NetDevancer series provided by Mahoroba Kobo, Inc. OS Command Injection CWE-78 - CVE-2023-22279 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2|...